From ea060e026dd29ea0eaf66ad8686f966c8c81eb7f Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 14 Sep 2016 23:54:12 +0100
Subject: [PATCH] Fix memory leak on error.

Thanks to Shi Lei (Gear Team, Qihoo 360 Inc.) for reporting this bug.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 ssl/ssl_asn1.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 35cc27c5e9..499f0e85ad 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -527,6 +527,9 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
         if (os.length > SSL_MAX_SID_CTX_LENGTH) {
             c.error = SSL_R_BAD_LENGTH;
             c.line = __LINE__;
+            OPENSSL_free(os.data);
+            os.data = NULL;
+            os.length = 0;
             goto err;
         } else {
             ret->sid_ctx_length = os.length;
-- 
2.25.1